Most people define mobile devices – smartphones and tablets – as those
running a mobile-optimized operating system (e.g. iOS, Android, Windows
Phone). There’s a trend emerging, however, in which traditional mobile
devices are gaining functionality typically associated with PCs.
At the same time, PCs are being architected more like mobile devices — an
interbreeding of species, if you will. The iPad Pro, for example, has a
keyboard. With Windows 10, phones and tablets can run “Universal” apps
that also run on PCs. Windows 10 also has application-layer sandboxing,
code-signing, and an app store with apps pre-vetted by Microsoft. In
certain configurations (i.e. enterprise-managed devices), a laptop running
Windows 10 has a security architecture that looks strikingly similar to a
smartphone or tablet.

Adobe's code-signing infrastructure got hacked and now you have to worry about some really bad software out there that your computers will think are valid, safe applications from Adobe. One of them is pwdump which gets Windows passwords.

The emergence of mobile applications has fundamentally changed the way that millions of people around the world work, play, and communicate. Meanwhile, cybercriminals want to infect and exploit as many mobile devices as they can to steal information.

Gaining the trust of online customers is vital for the success of any company that transfers sensitive data over the Web. When shopping online, consumers are concerned about identity theft and are therefore wary of providing untrusted sources with their personal information, especially their credit card details. Other types of online businesses require different but equally sensitive information. People are reluctant to provide their national insurance numbers, passwords, or other confidential personal information, or sometimes even just name, address, and phone number. Perhaps the information will be intercepted in transit, they fear, or perhaps the destination itself is manned by imposters with ill intent. The result is an abandoned transaction.

This paper will show how code signing works, how attacks can be mounted against unsigned software, (including autoupdate software), and how real-world signing systems protect software vendors, enterprises and end users.

This guide will show you how Code Signing Certificates are used to secure code that can be downloaded from the Internet. You will also learn how these certificates operate with different software platforms.

Online visitors are becoming more and more wary about transacting online. One way to provide reassurance that your Web site is reputable and safe is to implement the latest SSL encryption technology on your site. Read this guide to learn about the latest in SSL.

Learn about governmental standards and regulations, such as HIPAA and Sarbanes-Oxley, covering data protection and privacy. Then, learn how your enterprise can be compliant utilizing the latest encryption technologies.

The efficacy of code signing as an authentication mechanism for software depends on the secure storage of code signing private keys used by software publishers. Companies that are diligent and willing to invest in the appropriate security measures can make the compromise of their private keys highly unlikely. This white paper describes recent security breaches and why they may have happened, along with best practices, especially for the Windows platform, which can help to safeguard the private keys associated with code signing certificates.